MINOR: quic: Move an SSL func call from QUIC I/O handler to the xprt init.
authorFrédéric Lécaille <flecaille@haproxy.com>
Thu, 27 May 2021 12:57:09 +0000 (14:57 +0200)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Thu, 23 Sep 2021 13:27:25 +0000 (15:27 +0200)
Move the call to SSL_set_quic_transport_params() from the listener I/O dgram
handler to the ->init() callback of the xprt (qc_conn_init()), which initializes
the xprt context where the SSL context itself, needed by
SSL_set_quic_transport_params(), is stored. Furthermore, this is already what is
done for the server counterpart of the ->init() QUIC xprt callback. As ->init()
may be run by a thread other than the one running the I/O handler, the xprt
context might not yet be initialized when SSL_set_quic_transport_params() is
called from the I/O handler.

src/xprt_quic.c

index 327c3ce3a693bd223016691286972048d46a319b..633767a1a2b30c06d6aa1d86516b037570238292 100644 (file)
@@ -3280,8 +3280,6 @@ static ssize_t qc_lstnr_pkt_rcv(unsigned char **buf, const unsigned char *end,
                        /* This is the DCID node sent in this packet by the client. */
                        node = &qc->odcid_node;
                        conn_ctx = qc->conn->xprt_ctx;
-                       SSL_set_quic_transport_params(conn_ctx->ssl,
-                                                     qc->enc_params, qc->enc_params_len);
                }
                else {
                        if (pkt->type == QUIC_PACKET_TYPE_INITIAL && cids == &l->rx.odcids)
@@ -4388,6 +4386,7 @@ static int qc_conn_init(struct connection *conn, void **xprt_ctx)
        else if (objt_listener(conn->target)) {
                /* Listener */
                struct bind_conf *bc = __objt_listener(conn->target)->bind_conf;
+               struct quic_conn *qc = ctx->conn->qc;
 
                ctx->state = QUIC_HS_ST_SERVER_INITIAL;
 
@@ -4395,6 +4394,7 @@ static int qc_conn_init(struct connection *conn, void **xprt_ctx)
                                          &ctx->ssl, &ctx->bio, ha_quic_meth, ctx) == -1)
                        goto err;
 
+               SSL_set_quic_transport_params(ctx->ssl, qc->enc_params, qc->enc_params_len);
                SSL_set_accept_state(ctx->ssl);
        }
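Review bot: The return value of `SSL_set_quic_transport_params()` is discarded on the added line in the listener branch, so a failure to install the transport parameters would go unnoticed and `SSL_set_accept_state()` would still run on that SSL object. The call just above it already leaves through `goto err` on failure, and the same pattern fits here: `if (!SSL_set_quic_transport_params(ctx->ssl, qc->enc_params, qc->enc_params_len)) goto err;`. `qc` is taken from `ctx->conn->qc` in the previous hunk without a NULL check; presumably it is always set before ->init() runs for a listener connection, but a one-line comment stating that invariant would help, given that the commit message says ->init() and the I/O handler may run on different threads. qc_conn_init() starts and ends outside the hunk.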